Техническая информация
- %WINDIR%\tasks\mhpx.job
- <SYSTEM32>\tasks\mhpx
- %PROGRAMDATA%\bqhxo\mhpx.exe
- http://19#.#3.244.244/tor/status-vote/current/consensus
- http://17#.#5.193.9/tor/status-vote/current/consensus
- http://13#.#43.214.137/tor/server/fp/b04ea2b400d9679e72284e12fb81e68756670a3a
- http://13#.#43.214.137/tor/server/fp/edd0433e613269c2be6c79c07de710a87f1f74aa
- http://13#.#43.214.137/tor/server/fp/f836446663f1eb816f13708955f105d0b2f5c8e0
- http://13#.#43.214.137/tor/server/fp/24d0491a2adaab52c17625fbc926d84477aea322
- DNS ASK gm###r23.xyz
- DNS ASK sc####tat14tp.xyz
- DNS ASK ap#.#pify.org
- '%PROGRAMDATA%\bqhxo\mhpx.exe' start
- '%PROGRAMDATA%\bqhxo\mhpx.exe' start' (со скрытым окном)